REMARKS 

The Office Action dated January 9, 20 09 5 has been received and carefully noted. 
The above amendments to the claims, and the following remarks, are submitted as a full 
and complete response thereto. 

By this Response, claims 2-3, 6, 14, 24-27, and 32-36 have been amended, and 
claims 39-40 have been added, to more particularly point out and distinctly claim the 
subject matter of the present invention. No new matter has been added. Accordingly, 
claims 2-3, 6-9, 13-15, 17, 24-27, and 32-40 are currently pending in the application, of 
which claims 2-3, 24-26, and 32-36 are independent claims. 

In view of the above amendments and the following remarks, Applicants 
respectfully request reconsideration and timely withdrawal of the pending rejections to 
the claims for the reasons discussed below. 

Allowable Subject Matter 

Claims 6-9, 13-15, 17, and 27 were objected to as allegedly being dependent upon 

a rejected base claim, but would be allowable if rewritten independent form including all 

of the limitations of the base claim and any intervening claims. Applicants thank the 

Examiner for this indication of allowable subject matter. Applicants respectfully submit 

that the claims from which claims 6-9, 13-15, 17, and 27 depend are also allowable, as 

discussed below. Accordingly, Applicants respectfully request that the objections to 

claims 6-9, 13-15, 17, and 27 be withdrawn. 
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Reconsideration and allowance of claims 6-9, 13-15, 17, and 27 are, thus, 
respectfully submitted. 

Claim Rejection - 35 U.S.C 101 

Claims 2-3 and 24-26 were rejected under 35 U.S.C. 101 as allegedly not falling 
within one of the four statutory categories of invention, specifically, a "process." In 
particular, the Office Action asserted that independent method claims 2-3 and 24-26 
neither are tied to a particular apparatus nor transform underlying subject matter to a 
different state or thing, and thus, are not statutory "processes." Applicants have amended 
claims 2-3 and 24-26 to explicitly tie each step of the method claims to a particular 
machine, specifically, a receiver or a processor. Accordingly, Applicants respectfully 
submit that this rejection is moot in view of the claim amendments, and respectfully 
requests that this rejection be withdrawn. 

Reconsideration and allowance of claims 2-3 and 24-26 are, therefore, respectfully 
submitted. 

Claim Rejection - 35 U.S.C 103 

Claims 2-3, 24-26, and 32-38 were rejected under 35 U.S.C. 103(a) as allegedly 

being unpatentable over "RFC 2977 - Mobile IP Authentication, Authorization, and 

Accounting Requirements" of Glass et al. ("RFC 2977") in view of U.S. Patent Appln. 

Pub. No. 2002/0065785 of Tsuda ("Tsuda") and U.S. Patent No. 6,751,459 of Lee et al. 
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("Lee"). The Office Action acknowledged that RFC 2977 fails to disclose or suggest all 
of the features of claims 2-3, 24-26, and 32-38, and cited Tsuda and Lee to remedy the 
deficiencies of RFC 2977 with respect to these rejected claims. Applicants respectfully 
submit that each of claims 2-3, 24-26, and 32-38 recites subject matter that is neither 
disclosed nor suggested in the combination of RFC 2977, Tsuda, and Lee. 

Independent claim 2, upon which claims 37-38 depend, is directed to a method 
including receiving, by a receiver, a message from subscriber's user equipment, the 
message indicating that an address of a certificate provisioning gateway for certificate 
issuance and delivery procedure in a visited network is requested by the subscriber's user 
equipment, the certificate provisioning gateway serving at least one certificate authority, 
the message further containing the address of the certificate provisioning gateway. The 
method also includes obtaining, by a processor, in response to receiving the message, 
subscriber's location information maintained in a mobile communication system. The 
method further includes determining, by the processor, on the basis of the subscriber's 
location information, an address of the certificate provisioning gateway. The method 
additionally includes checking, by the processor, whether or not the address of the 
certificate provisioning gateway received in the message is the same as the address of the 
certificate provisioning gateway determined on the basis of the location information. The 
method also includes when they are not the same, using, by the processor, the address 
determined on the basis of the location information. 
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Independent claim 3 is directed to a method including receiving, by a receiver, a 
message from subscriber's user equipment, the message containing subscriber's location 
information and indicating that an address of a certificate provisioning gateway for 
certificate issuance and delivery procedure in a visited network is requested by the 
subscriber's user equipment, the certificate provisioning gateway serving at least one 
certificate authority. The method also includes obtaining, by a processor, in response to 
receiving the message, subscriber's location information maintained in a mobile 
communication system. The method further includes checking, by the processor, whether 
or not the subscriber's location information received in the message corresponds to the 
subscriber's location information obtained. The method additionally includes using, by 
the processor, the subscriber's location information obtained to determine the address of 
the certificate provisioning gateway when the subscriber's location information obtained 
does not correspond to subscriber's the location information received in the message. 

Independent claim 24, upon which claims 6-9, 13-15, and 17 depend, is directed to 

a method including receiving, by a receiver, a message from subscriber's user equipment, 

the message containing subscriber's location information and indicating that an address 

of a certificate provisioning gateway for certificate issuance and delivery procedure in a 

visited network is requested by the subscriber's user equipment, the certificate 

provisioning gateway serving at least one certificate authority. The method also includes 

obtaining, by a processor, in response to receiving the message, subscriber's location 

information maintained in a mobile communication system. The method further includes 
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checking, by the processor, whether or not the subscriber's location information received 

in the message corresponds to the subscriber's location information obtained. The 

method additionally includes when the subscriber's location information obtained 

corresponds to the subscriber's location information received in the message, 

determining, by the processor, on the basis of the subscriber's location information the 

address of the certificate provisioning gateway. The method also includes when the 

subscriber's location information obtained does not correspond to the subscriber's 

location information received in the message, sending, by the processor, an error 

indication by using the subscriber's location information obtained. 

Independent claim 25, upon which claim 27 depends, is directed to a method 

including receiving, by a receiver, a message from subscriber's user equipment, the 

message containing subscriber's location information and indicating that an address of a 

certificate provisioning gateway for certificate issuance and delivery procedure in a 

visited network is requested by the subscriber's user equipment, the certificate 

provisioning gateway serving at least one certificate authority. The method also includes 

obtaining, by a processor, in response to receiving the message, subscriber's location 

information maintained in a mobile communication system. The method further includes 

checking, by the processor, whether or not the subscriber's location information received 

in the message corresponds to the subscriber's location information obtained. The 

method additionally includes determining, by the processor, on the basis of the 

subscriber's location information the address of the certificate provisioning gateway, 
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when the subscriber's location information received in the message corresponds to the 

subscriber's location information obtained. The method also includes using, by the 

processor, the subscriber's location information received in the message when the 

subscriber's location information received in the message does not correspond to the 

subscriber's location information obtained. 

Independent claim 26 is directed to a method including receiving, by a receiver, a 

message from subscriber's user equipment, the message containing subscriber's location 

information and indicating that an address of a certificate provisioning gateway for 

certificate issuance and delivery procedure in a visited network is requested by the 

subscriber's user equipment, the certificate provisioning gateway serving at least one 

certificate authority. The method also includes obtaining, by a processor, in response to 

receiving the message, subscriber's location information maintained in a mobile 

communication system. The method further includes checking, by the processor, whether 

or not the subscriber's location information received in the message corresponds to the 

subscriber's location information obtained. The method additionally includes when the 

subscriber's location information received in the message corresponds to the subscriber's 

location information obtained, determining, by the processor, on the basis of the 

subscriber's location information the address of the certificate provisioning gateway. The 

method also includes when the subscriber's location information received in the message 

does not correspond to the location information obtained, sending, by the processor, an 

error indication by using the subscriber's location information received in the message. 
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Independent claim 32, upon which claims 39-40 depend, is directed to an 
apparatus including a processor configured to serve a certificate authority in a mobile 
communication system. The processor is also configured to determine, in response to 
receiving from subscriber's user equipment a message indicating a request for an address 
of another certificate provisioning gateway for certificate issuance and delivery 
procedure, the message further containing an address of the other certificate provisioning 
gateway, an address of the other certificate provisioning gateway on the basis of 
subscriber's location information maintained in and obtained from the mobile 
communication system. The processor is further configured to check whether or not the 
address of the other certificate provisioning gateway received in the message is the same 
as the address of the other certificate provisioning gateway determined on the basis of the 
subscriber's location information. The processor is additionally configured when they 
are not the same, to use the address of the other certificate provisioning gateway 
determined on the basis of the location information. 

Independent claim 33 is directed to an apparatus including a processor configured 

to serve a certificate authority in a mobile communication system. The processor is also 

configured to obtain, in response to receiving from subscriber's user equipment a 

message containing subscriber's location information and indicating a request for an 

address of another certificate provisioning gateway for certificate issuance and delivery 

procedure in a visited network, subscriber's location information maintained in the 

system. The processor is further configured to check whether or not the subscriber's 
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location information received in the message corresponds to the subscriber's location 
information obtained. The processor is additionally configured to use the subscriber's 
location information obtained from the system to determine the address of the other 
certificate provisioning gateway when the subscriber's location information obtained 
from the system does not correspond to the location information received in the message. 

Independent claim 34 is directed to an apparatus including a processor configured 
to serve a certificate authority in a mobile communication system. The processor is also 
configured to obtain, in response to receiving from subscriber's user equipment a 
message containing subscriber's location information and indicating that an address of 
another certificate provisioning gateway for certificate issuance and delivery procedure in 
a visited network is requested, subscriber's location information maintained in the 
system. The processor is further configured to check whether or not the subscriber's 
location information received in the message corresponds to the subscriber's location 
information obtained. The processor is additionally configured when the subscriber's 
location information received in the message corresponds to the subscriber's location 
information obtained, to determine an address of the other certificate provisioning 
gateway on the basis of the subscriber's location information. The processor is also 
configured when the subscriber's location information obtained from the system does not 
correspond to the subscriber's location information received in the message, to send an 
error indication by using the subscriber's location information obtained. 
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Independent claim 35 is directed to an apparatus including a processor configured 
to serve a certificate authority in a mobile communication system. The processor is also 
configured to obtain, in response to receiving from subscriber's user equipment a 
message containing subscriber's location information and indicating a request for an 
address of another certificate provisioning gateway for certificate issuance and delivery 
procedure in a visited network, subscriber's location information maintained in the 
system. The processor is further configured to check whether or not the subscriber's 
location information in the message corresponds to the subscriber's location information 
obtained. The processor is additionally configured to use the subscriber's location 
information received in the message to determine the address of the other certificate 
provisioning gateway when the subscriber's location information received in the message 
does not correspond to the subscriber's location information obtained. 

Independent claim 36 is directed to an apparatus including a processor configured 

to serve a certificate authority in a mobile communication system. The processor is also 

configured to obtain, in response to receiving from subscriber's user equipment a 

message containing subscriber's location information and indicating a request for an 

address of another certificate provisioning gateway for certificate issuance and delivery 

procedure in a visited network, subscriber's location information maintained in the 

system. The processor is further configured to check whether or not the subscriber's 

location information received in the message corresponds to the subscriber's location 

information obtained. The processor is additionally configured to determine on the basis 

U.S. Application No. 10/705,396 
Page 23 of 31 



of the subscriber's location information the address of the other certificate provisioning 
gateway, when the subscriber's location information in the message corresponds to the 
subscriber's location information obtained. The processor is also configured when the 
subscriber's location information received in the message does not correspond to the 
subscriber's location information obtained, to send an error indication by using the 
subscriber's location information received in the message. 

Applicants respectfully submit that the combination of RFC 2977, Tsuda, and Lee 
fails to disclose or suggest all of the features of any of the presently pending claims. 

RFC 2977 describes a basic model for operation of Authentication, Authorization, 
and Accounting (AAA) servers. Within the Internet, a client belonging to one 
administrative domain (called the home domain) often needs to use resources provided by 
another administrative domain (called the foreign domain). An agent in the foreign 
domain that attends to the client's request (call the agent the "attendant") is likely to 
require that the client provide some credentials that can be authenticated before access to 
the resources is permitted. The attendant is expected to consult an authority (typically in 
the same foreign domain) in order to request proof that the client has acceptable 
credentials (see RFC 2977 at page 4, section 3, "Basic Model"). 

Tsuda describes a mobile communication system that includes a mobile node 

device according to Mobile IP protocol that transmits an authentication and accounting 

request for requesting a desired accounting service at an AAA server device of a home 

network (AAAH server device). The AAAH server device carries out a processing for 
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providing the desired accounting service according to the authentication and accounting 
request {see Tsuda at Abstract). 

Lee describes a method and an apparatus for updating information in a personal 
mobility database server with information concerning a user's nomadicity. When the 
user travels from one place to another, the user registers with a server at an IP port for 
computing communications. The server takes user's terminal personalization, together 
with usage profile, session characteristics into account to map a party's identifier to a 
terminal's identifier. The IP address of the user's current location is used in concert with 
the terminal's identifier, which is itself an IP address, to route incoming computing 
communications connection requests to the current location of the user {see Lee at 
Abstract). 

Applicants respectfully submit that the combination of RFC 2977, Tsuda, and Lee 

fails to disclose or suggest all of the features of any of the presently pending claims. 

Specifically, the combination of RFC 2977, Tsuda, and Lee does not disclose or suggest, 

at least, "said message indicating that an address of a certificate provisioning gateway for 

certificate issuance and delivery procedure in a visited network is requested by the 

subscriber's user equipment, the certificate provisioning gateway serving at least one 

certificate authority, the message further containing the address of the certificate 

provisioning gateway," as recited in independent claim 2 and similarly recited in the 

other independent claims. The Office Action appears to assert that these features are 

disclosed by RFC 2977 at pages 4-15, sections 3-5, and Figures 1-2. In the cited portion, 
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RFC 2977 refers to a client C requesting resources from an attendant A (see RFC 2977 at 
page 4, section 3, "Basic Model, 55 and Figure 1). RFC 2977 also refers to AAA servers 
AAAH and AAAL authorizing the client C to have access to any/all requested resources 
(see RFC 2977 at pages 4-5, section 3, "Basic Model, 55 and Figure 1). The AAA servers 
further obtain or coordinate the allocation of a suitable IP address for a customer upon 
request by the customer (see RFC 2977 at page 8, section 4, "Requirements related to 
basic IP connectivity). The AAA servers additionally obtain the revocation status of a 
digital certificate in an AAA message either by performing online checks or otherwise 
validating the certificate (see RFC 2977 at page 7, section 3.1, "AAA Protocol Roaming 
Requirements 55 ). 

However, RFC 2977 fails to disclose or suggest that the client of RFC 2977 

requests an address of a certificate provisioning gateway in a visited network, and that the 

request message contains the address of the certificate provisioning gateway. 

Accordingly, RFC 2977 does not disclose or suggest, at least, "said message indicating 

that an address of a certificate provisioning gateway ... in a visited network is requested 

by the subscriber's user equipment ... the message further containing the address of the 

certificate provisioning gateway, 55 as recited in independent claim 2 and similarly recited 

in the other independent claims. As discussed above, RFC 2977 refers only to the client 

of RFC 2977 requesting resources, and to the customer requesting a suitable IP address 

for itself. RFC 2977 does not even mention an address of a certificate provisioning 

gateway in a visited network. 
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Tsuda and Lee fail to cure these deficiencies in RFC 2977. Tsuda refers to 
registering obtained addresses and generating a home IP address to be used by a mobile 
node (see, e.g., Tsuda at paragraphs 88 and 92), but does not disclose or suggest 
requesting an address of a certificate provisioning gateway in a visited network. Lee 
refers to a terminal address and an e-mail address (see, e.g., Lee at column 5, lines 35- 
65) 5 but fails to disclose or suggest requesting an address of a certificate provisioning 
gateway in a visited network. Accordingly, the combination of RFC 2977, Tsuda, and 
Lee does not disclose or suggest, at least, "said message indicating that an address of a 
certificate provisioning gateway ... in a visited network is requested by the subscriber's 
user equipment ... the message further containing the address of the certificate 
provisioning gateway," as recited in independent claim 2 and similarly recited in the 
other independent claims. 

The Interview Summary dated March 12, 2009 asserted that these features are 
"inherent in IP and Mobile-IP networking/routing since a data packet cannot be 
understood or routed without the source and destination addresses being known (or 
forwarded if a default gateway is used to forward the data)" (see Interview Summary at 
Continuation Sheet). "Further to this point is Tsuda 5 figure 10 which ... shows the 
mobile (in a foreign network) whereby it contacts a foreign agent . . . thusly the addresses 
are determined/used" (see id.). Applicants respectfully traverse this assertion of 
inherency. 
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Although it may be important for an user equipment to know and/or to forward 
source and destination addresses to and/or from a foreign agent, it is not necessary for the 
user equipment to request an address of the foreign agent, and to include the address in 
the request. Instead, as in the embodiments relied upon by the Interview Summary, it is 
possible for the user equipment, for example, to generate the address of the foreign agent 
itself, or to receive the address from the foreign agent without requesting the address. In 
addition, it appears that the Interview Summary has overlooked the benefits of including 
the address of the foreign agent in the request to verify the accuracy of the address in the 
user equipment with an address of the foreign agent determined based on location. Thus, 
even if Figure 10 of Tsuda shows the address of the foreign agent, it does not disclose or 
suggest requesting the address of the foreign agent and including the address in the 
request message, of the claimed invention. Therefore, assuming that the Interview 
Summary is correct (for the sake of argument), nevertheless, the combination of RFC 
2977, Tsuda, and Lee does not disclose all of the features of the rejected claims. 

Furthermore, RFC 2977 fails to disclose or suggest the certificate provisioning 

gateway for certificate issuance and delivery procedure and serving at least one certificate 

authority, of the claimed invention. As discussed above, RFC 2977 refers only to the 

attendant of RFC 2977 providing resources, and to the AAA servers obtaining the 

revocation status of a digital certificate in an AAA message. RFC 2977 does not disclose 

or suggest that either the attendant or the AAA servers of RFC 2977 is "for certificate 

issuance and delivery," as recited in independent claim 2. Thus, the attendant and the 
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AAA servers of RFC 2977 cannot correspond to the certificate provisioning gateway of 
the claimed invention. 

Tsuda and Lee do not cure these deficiencies in RFC 2977. Tsuda refers to a 
certificate authority (see Tsuda at paragraph 186), but fails to disclose or suggest the 
functionality of the certificate authority, the address of the certificate authority, and a 
certificate provisioning gateway for certificate issuance and delivery procedure. Lee does 
not even mention the term "certificate," and therefore, does not disclose or suggest a 
certificate provisioning gateway for certificate issuance and delivery procedure and 
serving at least one certificate authority. Accordingly, the combination of RFC 2977, 
Tsuda, and Lee fails to disclose or suggest, at least, "a certificate provisioning gateway 
for certificate issuance and delivery procedure ... the certificate provisioning gateway 
serving at least one certificate authority," as recited in independent claim 2 and the other 
independent claims. Also, accordingly, the combination of RFC 2977, Tsuda, and Lee 
does not disclose or suggest, "determining ... an address of the certificate provisioning 
gateway ... checking ... whether or not the address of the certificate provisioning 
gateway received in the message is the same as the address of the certificate 
provisioning gateway determined ... and when they are not the same, using ... the 
address determined," (emphasis added) as recited in independent claim 2 and similarly 
recited in the other independent claims. 

For at least the reasons discussed above, Applicants respectfully submit that the 

combination of RFC 2977, Tsuda, and Lee does not disclose or suggest all of the 
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elements of independent claims 2-3, 24-26, and 32-36. Accordingly, Applicants 
respectfully request that the rejections of independent claims 2-3, 24-26, and 32-36 be 
withdrawn. 

Claims 37-38 depend from, and further limit, independent claim 2. Thus, each of 
claims 37-38 recites subject matter that is neither disclosed nor suggested in the 
combination of RFC 2977, Tsuda, and Lee. Accordingly, Applicants respectfully request 
that the rejection of claims 37-38 be withdrawn. 

Reconsideration and allowance of claims 2-3, 24-26, and 32-38 are, therefore, 
respectfully submitted. 

Conclusion 

For at least the reasons discussed above, Applicants respectfully submit that the 
cited reference fails to disclose or suggest all of the elements of the claimed invention. 
These distinctions are more than sufficient to render the claimed invention unanticipated 
and unobvious. It is thus respectfully requested that all of claims 2-3, 6-9, 13-15, 17, 24- 
27, and 32-40 be allowed, and this application passed to issue. 

If for any reason the Examiner determines that the application is not now in 
condition for allowance, it is respectfully requested that the Examiner contact, by 
telephone, Applicants' undersigned attorney at the indicated telephone number to arrange 
for an interview to expedite the disposition of this application. 
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In the event this paper is not being timely filed, Applicants respectfully petition for 
an appropriate extension of time. 
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